<?php
require_once("init.php");
@$uname=$_REQUEST["uname"];
@$upwd=$_REQUEST["upwd"];
@$yzm=$_REQUEST["yzm"];
@$phpyzm=$_SESSION["code"];
if($yzm!=$phpyzm){
      // die('{"code":-1,"msg":"验证码错误"}');
}
$reg = '/^[a-zA-Z0-9]{3,12}$/';
$rs = preg_match($reg,$uname);//返回1对0错
$ms = preg_match($reg,$upwd);
if(!$rs){
    die('{"code":-1,"msg":"用户名格式有误，请检查"}');
    return;
}
if(!$ms){
    die('{"code":-1,"msg":"密码格式有误，请检查"}');
    return;
}
$sql="SELECT * FROM user WHERE uname='$uname' AND upwd=md5('$upwd')";
$result=mysqli_query($conn,$sql);
$row=mysqli_fetch_row($result);
if($row!=null){
    session_start();
    $_SESSION["uid"]=$row[0];
    echo '{"code":1,"msg":"登陆成功"}';
}else{
    echo '{"code":-1,"msg":"用户名密码错误"}';
}
